Firefox Vulnerability – known about for 17 years — Psinergy LLC
X
Menu

Firefox Vulnerability – known about for 17 years

While many consider ditching Google, including its web browser Chrome, due to privacy concerns and in response to recent actions, Firefox has been one of the primary alternate options. A recent Firefox exploit demonstration that uses a combination of a malicious HTML file, ClickJacking, iframe and SSH bugs may change that. (Proof of Concept video)

While news of another broad base vulnerability is not surprising, the fact that it’s been known about for 17 years is startling! Put simply, it’s now known that this weakness allows a hacker to access all files in the same folder and its subfolders that contain the malicious HTML file you unwittingly downloaded and didn’t realize you clicked on. Previously this was not seen as an issue and was used in SOP (Same-Origin Policy, which is a considered a critical security mechanism) that allows scripts to access files in the same local location, speeding things up for your browsing pleasure. This is now a major issue after a researcher, Barak Tawily, found a way to remotely gain access to, and subsequently, steal these files and transfer them to a remote server. While Barak is the first to publicly disclose the information of this vulnerability, who’s to say that others haven’t used it in the past. In 2015 a similar vulnerability within SOP was found being used in the wild.

The response from Mozilla seemed to downplay the risk and leads one to believe there are no plans to fix the issue. So, what can you do? At this point, it’s best to just not use Firefox until they find a way to fix this. Why? Just going to a website that contains the malicious HTML file can easily fool a person to click on things, like something that looks like, but are not actually, those “Do you want to allow this site to give notifications?”, “Allow/Deny” (kind of like the one you likely clicked when you accessed this article – and no, we didn’t code ours to be malicious…) and just clicking that can give the hacker access, and you’re none the wiser.

For more in-depth information: https://thehackernews.com/2019/07/firefox-same-origin-policy-hacking.html

You Might Also Liked

Psinergy Tech Earns 2020 Angie’s List Super Service Award Psinergy Tech Earns 2020 Angie’s List Super Service Award Cleaning and Disinfecting a Computer WITHOUT Destroying It Dealing with a Virus in Spring 2020, on a computer and in-real-life. Countdown to the End-of-Life ☠️ for Windows 7 🖥️ – Tips for Upgrading or Buying New Halloween 🎃 Treats: Teal is a fantastic color! 1903 is here, what have we seen? VLC Media Player Security Flaw!

Upcoming Events

May
11
Tue
2:00 pm 🌑 New Moon
🌑 New Moon
May 11 @ 2:00 pm – May 12 @ 12:59 am
Click to print (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Twitter (Opens in new window)MoreClick to share on Reddit (Opens in new window)Click to share on Pocket (Opens in new window)Click to share on[...]
May
17
Mon
4:00 am Mercury Is Back Again!
Mercury Is Back Again!
May 17 @ 4:00 am – 5:00 am
Did you miss seeing Mercury in March? Didn’t want to wake up early to see it in the morning sky? Here’s your second chance. Mercury will be at its highest point above the horizon in the evening sky. Look for the planet low in the western sky just after sunset.[...]
May
19
Wed
2:13 pm 🌓 First Quarter Moon
🌓 First Quarter Moon
May 19 @ 2:13 pm – May 20 @ 12:59 am
Click to print (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Twitter (Opens in new window)MoreClick to share on Reddit (Opens in new window)Click to share on Pocket (Opens in new window)Click to share on[...]
May
26
Wed
4:45 am Total Eclipse of the Moon!
Total Eclipse of the Moon!
May 26 @ 4:45 am – 7:53 am
The Earth’s shadow will completely cover the Moon. Click to print (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Twitter (Opens in new window)MoreClick to share on Reddit (Opens in new window)Click to share on[...]
6:14 am 🌕 Full Moon
🌕 Full Moon
May 26 @ 6:14 am – May 27 @ 12:59 am
This is also the second of three supermoons for 2021. The Moon will be near its closest approach to the Earth and may look slightly larger and brighter than usual. (6% bigger than average.) In the northern hemisphere, this full moon was known by early Native American tribes as the[...]
May
31
Mon
all-day Mercury Retrograde Begins
Mercury Retrograde Begins
May 31 all-day
This is of particular interest to astrologically minded folks. See URL for more info… Click to print (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Twitter (Opens in new window)MoreClick to share on Reddit (Opens[...]
Jun
1
Tue
all-day Private Moon Lander Launch?
Private Moon Lander Launch?
Jun 1 all-day
A first for private space travel and technology: A United Launch Alliance Vulcan Centaur rocket plans to send Astrobotic’s Peregrine lander to the Moon. The mission is flying via NASA’s Commercial Lunar Payload Services (CLPS) program, which aims to deliver up to 14 NASA payloads to the lunar surface on[...]
Jun
2
Wed
2:24 am 🌗 Last Quarter Moon
🌗 Last Quarter Moon
Jun 2 @ 2:24 am – Jun 3 @ 12:59 am
Click to print (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Twitter (Opens in new window)MoreClick to share on Reddit (Opens in new window)Click to share on Pocket (Opens in new window)Click to share on[...]
Jun
10
Thu
4:49 am Annular Solar Eclipse
Annular Solar Eclipse
Jun 10 @ 4:49 am – 5:49 pm
Folks in Canada, Greenland and Russia will be treated to a spectacular annular solar eclipse. As opposed to a total eclipse when the moon completely obscures the sun’s rays, in an annular eclipse, a circle of the sun’s light—or a “ring of fire”—surrounds the moon’s shadow. In the U.S., all[...]
5:53 am 🌑 New Moon
🌑 New Moon
Jun 10 @ 5:53 am – Jun 11 @ 12:59 am
Click to print (Opens in new window)Click to share on Facebook (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Twitter (Opens in new window)MoreClick to share on Reddit (Opens in new window)Click to share on Pocket (Opens in new window)Click to share on[...]